Responsible Disclosure Policy
Interlock Roofing Ltd.
July 2, 2026 July 2, 2026
TL;DR
If you discover a security vulnerability in our websites or systems, we want to hear from you. Report it privately to [email protected], give us reasonable time to fix it, and act in good faith — and we won't pursue legal action for good-faith research that follows this policy.
Table of Contents
1. Scope
This policy applies to internet-facing systems owned or operated by Interlock (interlockroofing.com and related properties). Out of scope: third-party services we do not control, physical attacks, social engineering of staff or dealers, and denial-of-service.
2. How to Report
Email [email protected] with steps to reproduce, the affected URL or endpoint, and the impact. A machine-readable /.well-known/security.txt advertises this contact.
3. Guidelines (Safe Harbor)
Act in good faith; avoid privacy violations, data destruction, and service disruption; only interact with accounts you own or have permission to test; do not exfiltrate more data than necessary to demonstrate the issue; and give us reasonable time to remediate before public disclosure. Research conducted consistent with this policy is authorized, and we will not pursue or support legal action against you for it.
4. What to Expect
We aim to acknowledge reports within 3–5 business days, provide an assessment, and keep you updated through remediation. We do not currently operate a paid bug-bounty program; we are happy to credit reporters who wish it.
5. Please Do Not
Do not access, modify, or delete others' data; do not publicly disclose before we have remediated; and do not use findings for any purpose other than good-faith reporting.
Related Legal Policies
These policies work together to govern your use of our website, services, communications, and data practices.
- Privacy PolicyExplains how we collect, use, and protect your personal information.
- Terms of ServiceGoverns your use of our website, services, and interactions with Interlock.
- Cookie Policy and Consent ToolDetails how cookies and tracking technologies are used and managed.
- Do Not Sell or Share My Personal InformationAllows you to opt out of certain data sharing under applicable laws.
- Data Subject Access RequestSubmit a request to access, correct, or delete your personal data.
- SMS & Communications PolicyExplains how we communicate via phone, SMS, and email, including consent and opt-out options.
- Accessibility StatementDescribes our commitment to providing an accessible website experience.
- Image & Media Licensing PolicyDefines usage rights for images, media, and intellectual property.
- Customer Review & Feedback PolicyHow we collect, moderate, and publish customer reviews — honestly and without incentives.
- Cancellation & Refund PolicyYour right to cancel a home-improvement contract and how refunds are handled.
- Financing & Promotional DisclosuresThe terms behind our advertised financing and promotional offers.
- California Notice at CollectionCalifornia CCPA/CPRA notice at collection and financial-incentive disclosure.
- Copyright / DMCA PolicyHow to report copyright infringement under the DMCA, and our designated agent.
- Canadian Anti-Spam (CASL) PolicyHow we comply with Canada's Anti-Spam Legislation for email and SMS.
- Trademark & Brand Usage PolicyHow the Interlock® trademarks may and may not be used.
- AI & Automated Processing DisclosureHow we use AI-assisted tools and your rights regarding automated processing.